Authentication of Warning Messages in a Network

1. A device for communicating with a network, the device comprising: a communications circuit for receiving data; a notification circuit for conveying a notification to a user; and a control circuit for controlling operation of the communications circuit and the notification circuit; wherein: the communications circuit is configured to receive both an information message and security authentication data associated with the information message, wherein the information message includes the notification; the control circuit is configured to selectively operate in a first configuration in which the control circuit ignores the security authentication data, and instructs the notification circuit to convey the notification to the user without using the security authentication data to verify the information message, and a second configuration in which the control circuit verifies the information message based on the security authentication data and instructs the notification circuit to convey the notification to the user responsive to a determination that the verification is successful; and the communications circuit is configured to receive a configuration message comprising an indicated configuration that indicates whether the control circuit should operate in the first configuration or the second configuration; and the control circuit is configured to change configuration responsive to a determination that the indicated configuration is different than a current configuration.

2. The device of claim 1 , wherein the control circuit is configured to operate in the first configuration in one or more of the following situations: when the device is switched on for the first time; when the device roams to a new network; when the device has been configured via a second configuration message that indicates that the device should operate in the first configuration; and following an interruption to communication; and wherein the control circuit is further configured to switch to the second configuration upon reception of a third configuration message that indicates that the control circuit should operate in the second configuration.

3. The device of claim 1 , wherein the configuration of the control circuit is stored in a configuration storage circuit associated with the device.

4. The device of claim 3 , wherein the configuration storage circuit or a key storage circuit, or both, are included in a removable entity.

5. The device of claim 4 , wherein the removable entity is capable of performing processing of the parts of GSM-AKA, UMTS-AKA or EPS-AKA that is performed by a SIM or USIM module.

6. The device of claim 1 , wherein the communications circuit is configured to receive one or more keys, wherein a key storage circuit associated with the device is configured to store the one or more keys, and wherein the control circuit is configured to use at least one of the one or more keys to verify the information message.

7. The device of claim 6 , wherein the one or more keys are one or more public keys.

8. The device of claim 1 , wherein the notification circuit comprises a display device, configured in such a way that conveying the notification to the user comprises displaying information contained in the information message.

9. The device of claim 8 , wherein the configuration message further includes an indication of security information that should be displayed to the user, and wherein the control circuit is configured to, when the information message is received, instruct the display device to display the security information to the user along with the information in the information message dependent upon the indication in the configuration message.

10. The device of claim 1 , wherein the information message is a Public Warning System message.

11. The device of claim 1 , wherein the control circuit is configured to authenticate the configuration message.

12. A serving node for use in a telecommunications network, comprising: a communications circuit for sending data; a storage medium for storing data; and a control circuit for controlling the operation of the communications circuit and the storage medium; wherein: the communications circuit is configured to send a configuration message to a user device in the telecommunications network, the configuration message including an indication as to whether the user device should operate in a first configuration in which the user device receives a first information message and associated first security authentication data and, subsequently, conveys a first notification included in the first information message to a user without using the first security authentication data to verify the first information message, or a second configuration in which the user device receives a second information message and associated second security authentication data and, subsequently, verifies the second information message based upon the second security authentication data and, responsive to a successful verification, conveys a second notification included in the second information message to the user.

13. The serving node of claim 12 , wherein the configuration message further includes an indication of security information that should be displayed to the user.

14. The serving node of claim 12 , wherein the information message is a Public Warning System message.

15. A method for activating the use of security authentication data in a user device in a telecommunications network, the method comprising: receiving a configuration message comprising a configuration indication; selectively setting the user device to operate in a first configuration or a second configuration, on the basis of the configuration indication, such that the user device, when operating in the first configuration, receives a first information message and associated first security authentication data and processes the first information message without using the first security authentication data to verify the first information message and, when operating in the second configuration, receives a second information message and associated second security authentication data associated with the second information message and verifies the second information message based on the second security authentication data before processing the second information message.

16. A method for operating a user device in a telecommunications network, the method comprising: receiving both an information message and security authentication data associated with the information message, the information message including a notification; processing the information message dependent upon whether the user device is configured in a first configuration or a second configuration, such that, in the first configuration, the security authentication data is ignored and the notification is conveyed to a user without using the security authentication data to verify the information message, and, in the second configuration, the information message is verified based on the security authentication data and the notification is conveyed to the user responsive to a determination that the verification is successful; receiving a configuration message comprising an indicated configuration that indicates whether the user device should operate in the first configuration or the second configuration; and changing configuration responsive to a determination that the indicated configuration is different than a current configuration.

17. A method for operating a serving node in a telecommunications network, the method comprising: sending a configuration message to a user device in the telecommunications network, wherein the user device is configured to receive information messages, each of which has associated security authentication data that is also received by the user device, and wherein the configuration message includes an indication as to whether the user device should operate in a first configuration in which the user device receives a first information message and associated first security authentication data and, subsequently, conveys a first notification included in the first information message to a user without using the first security authentication data to verify the first information message, or a second configuration in which the user device receives a second information message and associated second security authentication data and, subsequently, verifies the second information message based upon the second security authentication data and, responsive to a successful verification, conveys a second notification included in the second information message to the user.

18. A non-transitory computer-readable medium comprising, stored thereupon, code adapted to be executed on a device in a telecommunications network, wherein the code, when executed by the device, is operable to cause the device to: receive both an information message and security authentication data associated with the information message, the information message including a notification; process the information message dependent upon whether the device is configured in a first configuration or a second configuration, such that, in the first configuration, the security authentication data is ignored and the notification is conveyed to a user without using the security authentication data to verify the information message, and, in the second configuration, the information message is verified based upon the security authentication data and the notification is conveyed to the user responsive to a determination that the verification is successful; receive a configuration message comprising an indicated configuration that indicates whether the device should operate in the first configuration or the second configuration; and change configuration responsive to a determination that the indicated configuration is different than a current configuration.

19. A non-transitory computer-readable medium comprising, stored thereupon, code adapted to be executed on a serving node in a telecommunications network, wherein the code, when executed on the serving node, is operable to cause the serving node to send a configuration message to a user device in the telecommunications network, the configuration message including an indication as to whether the user device should operate in a first configuration in which the user device receives a first information message and associated first security authentication data and, subsequently, conveys a first notification included in the first information message to a user without using the first security authentication data to verify the first information message, or a second configuration in which the user device receives a second information message and associated second security authentication data and, subsequently, verifies the second information message based upon the second security authentication data and, responsive to a successful verification, conveys a second notification included in the second information message to the user.